Migrate security_advisories toolset to modelcontextprotocol/go-sdk (#1434)

* Initial plan

* Migrate security_advisories toolset to modelcontextprotocol/go-sdk

Co-authored-by: omgitsads <[email protected]>

* Add toolsnaps tests and snapshots for security_advisories

Co-authored-by: omgitsads <[email protected]>

* Dont bubble up an error for getClient

We should do this eventually, but to keep the existing behavior, we
just return the error to the client.

* re-add security_advisories toolset

* Revert this change from the base PR

---------

Co-authored-by: copilot-swe-agent[bot] <[email protected]>
Co-authored-by: omgitsads <[email protected]>
Co-authored-by: Adam Holt <[email protected]>
Co-authored-by: LuluBeatson <[email protected]>

Author: 3 people

pkg/github/__toolsnaps__/get_global_security_advisory.snap

@@ -0,0 +1,20 @@
+{
+  "annotations": {
+    "readOnlyHint": true,
+    "title": "Get a global security advisory"
+  },
+  "description": "Get a global security advisory",
+  "inputSchema": {
+    "type": "object",
+    "required": [
+      "ghsaId"
+    ],
+    "properties": {
+      "ghsaId": {
+        "type": "string",
+        "description": "GitHub Security Advisory ID (format: GHSA-xxxx-xxxx-xxxx)."
+      }
+    }
+  },
+  "name": "get_global_security_advisory"
+}

pkg/github/__toolsnaps__/list_global_security_advisories.snap

@@ -0,0 +1,87 @@
+{
+  "annotations": {
+    "readOnlyHint": true,
+    "title": "List global security advisories"
+  },
+  "description": "List global security advisories from GitHub.",
+  "inputSchema": {
+    "type": "object",
+    "properties": {
+      "affects": {
+        "type": "string",
+        "description": "Filter advisories by affected package or version (e.g. \"package1,[email protected]\")."
+      },
+      "cveId": {
+        "type": "string",
+        "description": "Filter by CVE ID."
+      },
+      "cwes": {
+        "type": "array",
+        "description": "Filter by Common Weakness Enumeration IDs (e.g. [\"79\", \"284\", \"22\"]).",
+        "items": {
+          "type": "string"
+        }
+      },
+      "ecosystem": {
+        "type": "string",
+        "description": "Filter by package ecosystem.",
+        "enum": [
+          "actions",
+          "composer",
+          "erlang",
+          "go",
+          "maven",
+          "npm",
+          "nuget",
+          "other",
+          "pip",
+          "pub",
+          "rubygems",
+          "rust"
+        ]
+      },
+      "ghsaId": {
+        "type": "string",
+        "description": "Filter by GitHub Security Advisory ID (format: GHSA-xxxx-xxxx-xxxx)."
+      },
+      "isWithdrawn": {
+        "type": "boolean",
+        "description": "Whether to only return withdrawn advisories."
+      },
+      "modified": {
+        "type": "string",
+        "description": "Filter by publish or update date or date range (ISO 8601 date or range)."
+      },
+      "published": {
+        "type": "string",
+        "description": "Filter by publish date or date range (ISO 8601 date or range)."
+      },
+      "severity": {
+        "type": "string",
+        "description": "Filter by severity.",
+        "enum": [
+          "unknown",
+          "low",
+          "medium",
+          "high",
+          "critical"
+        ]
+      },
+      "type": {
+        "type": "string",
+        "description": "Advisory type.",
+        "default": "reviewed",
+        "enum": [
+          "reviewed",
+          "malware",
+          "unreviewed"
+        ]
+      },
+      "updated": {
+        "type": "string",
+        "description": "Filter by update date or date range (ISO 8601 date or range)."
+      }
+    }
+  },
+  "name": "list_global_security_advisories"
+}

pkg/github/__toolsnaps__/list_org_repository_security_advisories.snap

@@ -0,0 +1,47 @@
+{
+  "annotations": {
+    "readOnlyHint": true,
+    "title": "List org repository security advisories"
+  },
+  "description": "List repository security advisories for a GitHub organization.",
+  "inputSchema": {
+    "type": "object",
+    "required": [
+      "org"
+    ],
+    "properties": {
+      "direction": {
+        "type": "string",
+        "description": "Sort direction.",
+        "enum": [
+          "asc",
+          "desc"
+        ]
+      },
+      "org": {
+        "type": "string",
+        "description": "The organization login."
+      },
+      "sort": {
+        "type": "string",
+        "description": "Sort field.",
+        "enum": [
+          "created",
+          "updated",
+          "published"
+        ]
+      },
+      "state": {
+        "type": "string",
+        "description": "Filter by advisory state.",
+        "enum": [
+          "triage",
+          "draft",
+          "published",
+          "closed"
+        ]
+      }
+    }
+  },
+  "name": "list_org_repository_security_advisories"
+}

pkg/github/__toolsnaps__/list_repository_security_advisories.snap

@@ -0,0 +1,52 @@
+{
+  "annotations": {
+    "readOnlyHint": true,
+    "title": "List repository security advisories"
+  },
+  "description": "List repository security advisories for a GitHub repository.",
+  "inputSchema": {
+    "type": "object",
+    "required": [
+      "owner",
+      "repo"
+    ],
+    "properties": {
+      "direction": {
+        "type": "string",
+        "description": "Sort direction.",
+        "enum": [
+          "asc",
+          "desc"
+        ]
+      },
+      "owner": {
+        "type": "string",
+        "description": "The owner of the repository."
+      },
+      "repo": {
+        "type": "string",
+        "description": "The name of the repository."
+      },
+      "sort": {
+        "type": "string",
+        "description": "Sort field.",
+        "enum": [
+          "created",
+          "updated",
+          "published"
+        ]
+      },
+      "state": {
+        "type": "string",
+        "description": "Filter by advisory state.",
+        "enum": [
+          "triage",
+          "draft",
+          "published",
+          "closed"
+        ]
+      }
+    }
+  },
+  "name": "list_repository_security_advisories"
+}

pkg/github/context_tools.go

@@ -47,7 +47,7 @@ func GetMe(getClient GetClientFn, t translations.TranslationHelperFunc) (mcp.Too
 		mcp.ToolHandlerFor[map[string]any, any](func(ctx context.Context, _ *mcp.CallToolRequest, _ map[string]any) (*mcp.CallToolResult, any, error) {
 			client, err := getClient(ctx)
 			if err != nil {
-				return utils.NewToolResultErrorFromErr("failed to get GitHub client", err), nil, err
+				return utils.NewToolResultErrorFromErr("failed to get GitHub client", err), nil, nil
 			}
 
 			user, res, err := client.Users.Get(ctx, "")

pkg/github/context_tools_test.go

@@ -115,7 +115,6 @@ func Test_GetMe(t *testing.T) {
 			textContent := getTextResult(t, result)
 
 			if tc.expectToolError {
-				assert.Error(t, err)
 				assert.True(t, result.IsError, "expected tool call result to be an error")
 				assert.Contains(t, textContent.Text, tc.expectedToolErrMsg)
 				return